A peer-to-peer (hereafter referred to as P2P) communication system in which messages are relayed between client devices (node devices), different from a client-server (hereafter referred to as C-S) communication system, is attracting attention. Since the P2P communication system performs communication processing, such as retrieval and transfer of files, between the nodes, the P2P communication system is advantageous over the C-S communication system in which the processing load of the specific server device thereof increases.
In the C-S communication system in which files are delivered from the server device, the server device performs authentication processing for a client device serving as a destination, thereby providing protection against copyright and security, for example, and preventing the unauthorized leakage of files. In order to make use of the advantage of the P2P communication system, the P2P communication system is needed to build an authentication system that performs authentication between the node devices and prevents the unauthorized leakage of files. For example, Japanese Patent Application Laid-open Publication No. 2006-185171 discloses a P2P authentication system. The P2P authentication system includes a node device (hereafter referred to as an authentication node) for performing authentication and a plurality of node devices (hereafter referred to as verification nodes) for verifying the validity of the authentication information due to the request from the authentication node.
On the basis of the respective pieces of result information received from the plurality of verification nodes, the authentication node performs authentication. In the case that the authentication has succeeded, the authentication node provides services, such as the transmission of files. However, inconsistency may occur in the verification results indicated by the plural pieces of the received result information; in other words, differences may occur in the judgment results of the validity of the authentication information. This kind of situation may occur, for example, in the case that some of the verification nodes have old verification information, or an invalid node device has returned result information in response to the request for the verification. In the case that there is inconsistency in the verification results, the authentication node transmits the authentication information to the administrative node device and requests the administrative node device to judge the validity of the authentication information or makes a majority decision on the basis of the judgment results according to the result information, thereby judging whether the authentication has succeeded.
However, in the conventional P2P authentication system, in the case that the method in which the authentication node requests the administrative node device to judge the validity of the authentication information is used and that inconsistency occurs in the results of the verification requested, the processing load of the specific administrative node device increases. Hence, there is a problem that the advantage of the P2P authentication system is impaired.
Furthermore, in the case that the method in which the judgment is made by a majority decision is used, if numerous verification nodes having old verification information are included in the verification nodes having been requested to judge the validity, for example, a misjudgment is made, whereby there is a problem that the authentication lacks in accuracy.